Disable PatchGuard and Driver Signature Enforcement at boot time
Defeating PatchGuard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
Universal PatchGuard and Driver Signature Enforcement Disable
InfinityHookPro Win7 -> Win11 latest
Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code
Kernel Level NMI Callback Blocker
A Vulnerable PatchGuard Exploit that can be used to disable PatchGuard at runtime.
EPROCESS Unlinking example in "C" using DKOM Manipulation
A single byte modification in the kernel memory bypasses and disables all core functions of the AV/EDR security solutions
PsLoadedModuleList Unlinking through DKOM Manipulation